Microsoft says in Windows 11 announcement event: Also: Microsoft is making sure to improve the security baseline through built-in secure boot, hardware virtualization security features, Hypervisor-Protected Code Integrity, and much more security-based implementations in Windows 11. David Weston, Microsoft’s Director of Enterprise and OS Security, stated that: Now, let’s have a look at how Windows 11 will have greater security features as compared to previous releases.
New Security Features in Windows 11
Here are the new security features that are incorporated in Windows 11: Let us discuss these in detail!
1] Trusted Platform Module (TPM)
Trusted Platform Module (TPM) is one of the most prominent security features in Windows 11. TPM is a chip that is used to secure confidential and sensitive data like encryption keys, user credentials, and more in the back of a hardware barrier. As attackers getting smarter and using advanced techniques to tamper data on your PC, this will help protect your PC against malware, ransomware, and other cyberattacks. TPM chip is added to the CPU individually or integrated into your computer’s motherboard. Microsoft has made TPM a minimum requirement to run Windows 11. So, you can run Windows 11 only if your PC has built-in TPM chips. Although some high-end PCs use TPM chips. But, now it has become a necessity for using Windows 11 on your PC. Else, you won’t be able to upgrade to Windows 11. To make it easier for users, TPM 2.0 chips will be integrated into all certified Windows 11 systems so that customers can take advantage of security backed by a hardware root of trust. Read: How to use Windows Security in Windows 11 for the best protection.
2] Support for Azure-based Microsoft Azure Attestation
Azure-based Microsoft Azure Attestation (MAA) basically verifies the trustiness of multiple platforms before you access it. Windows 11 has out-of-the-box support for Azure-based Microsoft Azure Attestation. When customers access sensitive resources in the cloud, MAA enables Zero Trust policies to ensure that the platform is secure. Azure Attestation-backed policies verify both identity and platform helping organizations to safeguard organization resources. Read: Why is my PC not compatible with Windows 11?
3] New Security Innovations like Microsoft Pluton security processor
Windows 11 will come with various new security innovations. These include hardware-enforced stack protection, Microsoft Pluton security processor, etc. This will ensure to protect users from zero-day exploits and also strengthen Zero Trust security. Zero Trust security approach basically ensures to verify everyone and everything that wants to access resources on a private network. This is another important security update in Windows 11. Read: Windows 11 System Requirements.
4] Secured-core PCs
Secured-core PCs add an extra security layer beneath the OS by combining identity, virtualization-based security, operating system, and hardware and firmware protection. They are twice more resistant to malware infection and firmware attacks. And, they enable users to boot securely, be secure against firmware vulnerabilities, block unauthorized access, and more. Read: Windows 11 Product Lifecycle and Servicing Update.
5] Microsoft wants you to ditch passwords
By default, the new Windows 11 devices will now be without passwords from day one. You won’t have to enter the password now to log in. With Windows Hello, Windows 11 is moving onto more strong authentication methods including Face lock, Fingerprint, Iris, and other biometrics. IT admins in enterprises can deploy Windows Hello for Business that involves granular control of authentication methods. Windows 11 primarily focuses on hardware security requirements to mitigate various firmware attacks, zero-day exploits, malware infection, and other cyber attacks. All this new hardware security is compatible with forthcoming Pluton-equipped systems and devices using a TPM 2.0 security chip, including Dell, HP, Acer, ASUS, and many more. The above-discussed design and built-in features combined together add extra layers of security to Windows 11. The main aim of Microsoft this time is to improve productivity with an enhanced set of built-in security features. Now read: Planning for Windows 11 Deployment?